21 matches found
CVE-2020-37096 Edimax EW-7438RPn - Cross-Site Request Forgery (MAC Filtering)
Edimax EW-7438RPn 1.13 contains a cross-site request forgery vulnerability in the MAC filtering configuration interface. Attackers can craft malicious web pages to trick users into adding unauthorized MAC addresses to the device's filtering rules without their consent...
EUVD-2019-14743
Malware in sbrugna...
EUVD-2019-14742
Malware in sbrugna...
EUVD-2019-14746
Malware in sbrugna...
EUVD-2019-14767
Malware in sbrugna...
EUVD-2019-14747
Malware in sbrugna...
EUVD-2019-14753
Malware in sbrugna...
EUVD-2025-18776
Malicious code in bioql PyPI...
CVE-2019-5139
An exploitable use of hard-coded credentials vulnerability exists in multiple iw utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts...
CVE-2019-5138
An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker...
CVE-2019-5153
An exploitable remote code execution vulnerability exists in the iwwebs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause an overflow of an error message buffer, resulting in remote code execution. An attacker can send...
CVE-2019-5137
The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13...
Authentication flaw
An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. An attack...
Format string
An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands whil...
Integer overflow
An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packe...
CVE-2019-5162
An exploitable improper access control vulnerability exists in the iwwebs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as...
Moxa AWK-3131A Access Control Error Vulnerability
Moxa AWK-3131A is a wireless access device from Moxa. An access control error vulnerability exists in the 'iwconsole' function in the Moxa AWK-3131A using firmware version 1.13. An attacker can exploit this vulnerability to gain access to the system as root with the help of a menu selection strin...
Moxa AWK-3131A Authentication Bypass Vulnerability
Moxa AWK-3131A is a wireless access device from Moxa. A security vulnerability exists in the handling of host names in the Moxa AWK-3131A using firmware version 1.13. An attacker can exploit this vulnerability to bypass authentication by sending an authenticated SNMP request...
Moxa AWK-3131A iw_console conio_writestr Remote Code Execution Vulnerability
Summary An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send...
Moxa AWK-3131A iw_console Privilege Escalation Vulnerability
Summary An exploitable privilege escalation vulnerability exists in the iwconsole functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send...